Mobile Technologies Web Technologies Digital Marketing Creative Design Career Talk Medical General Tech Interviews Internet Of Things

Embark on a journey of knowledge! Take the quiz and earn valuable credits.

Take A Quiz

Challenge yourself and boost your learning! Start the quiz now to earn credits.

Take A Quiz

Unlock your potential! Begin the quiz, answer questions, and accumulate credits along the way.

Take A Quiz

Popular Categories

Interview Questions
QuestionBank
Quantitative Aptitude
Engineering
Govt Exams
Digital Marketing
Management
Interviews
All

Strength of PBKDF based AES key

General Tech Learning Aids/Tools 2 years ago

0 1 0 0 0 tuteeHUB earn credit +10 pts
5 Star Rating 1 Rating
Previous Next

Posted on 16 Aug 2022, this text provides information on Learning Aids/Tools related to General Tech. Please note that while accuracy is prioritized, the data presented might not be entirely correct or up-to-date. This information is offered for general knowledge and informational purposes only, and should not be considered as a substitute for professional advice.

Take Quiz To Earn Credits!

Turn Your Knowledge into Earnings.

tuteehub_quiz

Answers (1)

Post Answer
profilepic.png
manpreet Tuteehub forum best answer Best Answer 2 years ago

 

Here is a stub of a system which would generate a key pair using AES 256 CBC in OpenSSL. The object of the code below is to generate two random passkeys, an AES key, and some other public data. The AES key would be used to exchange shared secrets.

Disclaimer: I am NOT an expert in Cryptography or Security Systems. I do realize the dangers but the point of this exercise is an academic interest. If there are novice errors or something entirely and dangerously incorrect, please do point it out to aid my learning.

// The key_generator() will produce the following public keys in addition
// to a couple of other private keys.
// public_identifier
// public_salt
// public_composite_identifier
// public_aes_key

int key_generator(/*some args*/)
{
    // Step 1
    //Obtain public_identifier. Possibly a hashed value of an unique ASCII string.
    unsigned char *public_identifier;


    // Step 2
    //Generate 256 bit private_primary_random_passkey which is secret. 
    //This random key is generated once and reused later.
    unsigned char *private_primary_random_passkey;

    if(RAND_bytes(private_primary_random_passkey, 256) == 0)     
        return FAILURE;


    // Step 3
    //Generate private_composite_identifier using public_identifier
    //and private_primary_random_passkey.
    //IMPORTANT - The method to obtain private_composite_identifier 
    //may be publicly known.  
    //The public_identifier is also publicly known but the 
    //private_primary_random_passkey is secret.
    unsigned char *private_composite_identifier;

    //
    //.....
    //


    // Step 4     
    //Generate temporary temp_private_aes_key and temp_private_aes_IV;
    //NOTE - Used dummy vars wherever key length is required. 
    //Assume correct length is passed in.

    int aes_rounds = 25000;

    unsigned char *temp_private_aes_key;
    unsigned char *temp_private_aes_IV;

    if(EVP_BytesToKey(EVP_aes_256_cbc(), 
                      EVP_sha512(), 
                      private_composite_identifier, 
                      private_primary_random_passkey, 
                      private_composite_identifier_length/8, 
                      aes_rounds, 
                      temp_private_aes_key, 
                      temp_private_aes_IV) == 0)     
        return FAILURE;    


    // Step 5
    //Generate 128 bit random salt which is public.
    unsigned char *public_salt;

    if(RAND_bytes(public_salt, 128) == 0)     
        return FAILURE;


    // Step 6
    //Generate private_composite_identifier and public_composite_identifier 
    //using temp_private_aes_key and public_salt.
    unsigned char *public_composite_identifier;
    unsigned char *private_composite_identifier;

    if(EVP_BytesToKey(EVP_aes_256_cbc(), 
                      EVP_sha512(), 
                      temp_private_aes_key,
                      public_salt,
                      temp_private_aes_key_length/8, 
                      aes_rounds, 
                      private_composite_identifier, 
                      public_composite_identifier) == 0)     
        return FAILURE;    


    // Step 7
    //Generate 128 bit private_secondary_random_passkey which is secret. 
    //This random key is generated once and reused later.
    unsigned char *private_secondary_random_passkey;

    if(RAND_bytes(private_secondary_random_passkey, 128) == 0)     
        return FAILURE;

    unsigned char *private_aes_key;
    unsigned char *public_aes_key;

    if(EVP_BytesToKey(EVP_aes_256_cbc(), 
                      EVP_sha512(), 
                      private_composite_identifier,
                      private_secondary_random_passkey,
                      private_composite_identifier_length/8, 
                      aes_rounds, 
                      private_aes_key, 
                     public_aes_key) == 0)     
        
                                                
                                                


                                                    

                                                        
                                                            0
                                                            views 

                                                            
                                                            

                                                            0
                                                            shares

No matter what stage you're at in your education or career, TuteeHub will help you reach the next level that you're aiming for. Simply,Choose a subject/topic and get started in self-paced practice sessions to improve your knowledge and scores.

Q

What is the full form of NABARD ?

Banking, Finance & Insurance
Q

How to refresh app upon shaking the device?

Mobile Technologies
Q

What are the govt exams after BCA?

Career Talk
Q

TYPO3 v8. Override function in Core class

General Tech
Q

Why do people in India give so much importance to Government jobs?

Commerce & Accounting
Q

<div>zkskKsk</div>

Mobile Technologies 0 Answers
Q

<span style="font-size: 1em;">Qwerty 4</span>

Digital Marketing 0 Answers
Q

<div>What are the key differences between AMOLED and LCD displays in smartphones?</div>

Mobile Technologies 0 Answers
Q

<div>What are the key challenges in Mobile App Development for Cross-Platform Solutions?</div>

Mobile Technologies 0 Answers
Q

who is the smallest man in the world

General Tech 0 Answers

Explore Other Libraries

Blogs Tutorials Question Bank Feeds Careernews

Tags

Strength PBKDF AES key

Important General Tech Links

 Bugs & Fixes
 Technology & Software
 Learning Aids/Tools
 QA/Testing